In my last post, I demonstrated how we can set up an Apache Forward Proxy Server on Ubuntu 14.04. So, this post will talk about everything you need to set up an Apache Reverse Proxy Server.
Difference between Forward and Reverse Proxy.
Before I start this tutorial, we must first understand the difference between Forward and Reverse Proxy. Since my blog is all about simple explanation, I will keep things simple & informative 🙂
Forward Proxy server is your more obvious kind of proxy where you access a remote server, like Google or Facebook or another remote server in your network such as Jenkins, via a proxy server. It means, data packets flow like this.
Client(aka you) –> Forward Proxy server –> Remote server(aka Google).
Forward implies that your proxy server sits in front of your remote server. You need to configure your client to use Forward Proxy server. Your remote server will see IP of your proxy server & knows nothing about client’s existence.
Reverse Proxy is a different concept. Here you also access your remote server via a proxy server but you don’t specify IP or hostname of your remote server. You enter IP/hostname of your Reverse proxy server which redirects your request to the remote server, based on its configuration. Data packets flow in the similar manner, but you only invoke your Reverse Proxy server here as opposed to invoking your remote server.
Suppose you have a Jenkins server running on port 8080. You want to access this server but you don’t want to expose its port. You setup an Apache Reverse Proxy Server & tell it to redirect all requests landing on port 80 (Apache’s default) to Jenkins server which is running on port 8080. Since its default port, you just enter IP/hostname of your Reverse Proxy server in your browser & you will end up seeing Jenkins GUI 😉 You don’t need to configure any client at all here because you are entering Reverse Proxy server’s IP/hostname only.
Armed with some information, lets begin this tutorial 🙂
Lab Description : –
- Reverse Proxy Server – An Ubuntu 14.04 Server running Apache with IP 192.168.0.51
- Client – An Ubuntu 14.04 Server with IP 192.168.0.50
- Remote Server – An Ubuntu 14.04 Server with IP 192.168.0.50. This server runs my Jenkins, so I will be accessing Jenkins from my client via proxy server. Note that I am using same host for client & remote server. This is because my request will go to Reverse Proxy Server only & it will redirect that request to Jenkins which runs on the same host.
Steps to Perform : –
Configure Reverse Proxy Server (192.168.0.51).
1. Install core product.
Install Apache, if not already done. It is as simple as issuing –
root@shashank-reverse-proxy-server:/home/shashank# apt-get install-y apache2 apache2-doc apache2-utils
2. Install necessary modules.
Issue below command to install modules required for proxy server.
root@shashank-reverse-proxy-server:/home/shashank# apt-get install
3. Enable Apache modules.
Issue below command to enable all the required Apache modules.
root@shashank-reverse-proxy-server:/home/shashank# a2enmod proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html
4. Configure proxy configuration file.
We will now create an Apache proxy configuration file that will hold information required for proxying. Start with creating a file like this.
root@shashank-reverse-proxy-server:/home/shashank# vim /etc/apache2/mods-available/mod_reverse_proxy.conf
Please check my GitHub gist to see the contents of this file. HTML tags are interfering with the tags in configuration file. You can see that nothing much is happening here except enabling the proxy.
If you want to run Apache on its default port, its alright. Otherwise you may wish to edit
/etc/apache2/ports.conf file. Whatever port you define here will be used to access your remote server in the form of IP/hostname of Reverse Proxy server:port#.
5. Define a Virtual Host.
Its now time to define a Virtual Host which is a separate instance of your web-server(remember you can host multiple sites on a single Apache server). We are defining it to enable more fine-grained logs & redirection for remote server. Start with backing up the original default Virtual Host.
root@shashank-reverse-proxy-server:/home/shashank# cp -p /etc/apache2/sites-enabled/000-default.conf /etc/apache2/sites-enabled/000-default.conf.orig
apache_reverse_proxy.conf to avoid confusion.
Now edit this
/etc/apache2/sites-enabled/apache_reverse_proxy.conf file to define logs location & port. You can see that I am redirecting all incoming HTTP requests to my remote Jenkins server which is running on port 8080.
Please check my GitHub gist to see the contents of this file.
6. Enable the Virtual Host.
Time to enable our newly created Virtual Host.
apache_reverse_proxy.confEnabling site reverse-proxy. To activate the new configuration, you need to run: service apache2 reload root@shashank-reverse-proxy-server:/home/shashank# service apache2 reload * Reloading web server apache2 *
7. Restart Apache.
Configuration is now done & we must restart Apache to load these new settings.
If everything is configured correctly, you will now have a working Reverse Proxy Server.
To test it, log on to your client server 192.168.0.50 & open your browser. Now enter just the IP address of your Reverse Proxy server 192.168.0.51. You will see Jenkins GUI 🙂 Since I am running Apache on its default port 80, I only used192.168.0.51. If it was running on some other port, I would have used 192.168.0.51:port#. See the screenshot below to see Reverse Proxy in action 😉
If you stop Apache service & retry opening Jenkins, you will see that its not loading & asks you to check Proxy configuration 😉
As always, you are most welcome if you have suggestions/feedback or you need more information 🙂